Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpanel vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-10822
cPanel prior to 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).
Cpanel Cpanel
6.5
CVSSv2
CVE-2016-10831
cPanel prior to 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
Cpanel Cpanel
2.1
CVSSv2
CVE-2016-10841
The bin/mkvhostspasswd script in cPanel prior to 11.54.0.4 discloses password hashes (SEC-73).
Cpanel Cpanel
9
CVSSv2
CVE-2016-10848
cPanel prior to 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18382
cPanel prior to 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).
Cpanel Cpanel
2.1
CVSSv2
CVE-2017-18385
cPanel prior to 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
Cpanel Cpanel
2.1
CVSSv2
CVE-2017-18405
cPanel prior to 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345).
Cpanel Cpanel
5.8
CVSSv2
CVE-2017-18407
cPanel prior to 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18409
In cPanel prior to 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18410
In cPanel prior to 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284).
Cpanel Cpanel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »